When *not* to sign an e-mail message? - PGP

Re: When *not* to sign an e-mail message?

Anne & Lynn Wheeler writes:
> there are all sort of short-comings if you believe that digital
> signatures translate straight-forward to the same as human signatures.

Well, they do, legally. They reduce to exactly the same thing in
court: one party says "he agreed to this," and the other party says
"no, I didn't."

The actual method of authentication is often irrelevant, since the
forgery is often out-of-band. Thus, the handwritten signature may
pass the authentication test, but the forger simply manages this by
carefully copying an authentic signature. And the digital signature
may be impossible to forge without a key, but the forger manages by
simply stealing the key.

--
Transpose mxsmanic and gmail to reach me by e-mail.

Re: When *not* to sign an e-mail message?

Mxsmanic wrote:
> Andrew Swallow writes:
>
>
>>It is equivalent to a company using a rubber stamp to sign cheques.
>>Where there are a thousand people on the pay roll it is quite common for
>>the clerks to be given such rubber stamps. It saves the boss a lot of
>>writing.
>
>
> In practice, it's a check-signing machine, but your point still
> applies; indeed, with a check-signing machine, it resembles digital
> signatures even more.

Thank you. Yes signing using rubber stamps is a little Victorian.

Andrew Swallow

Re: When *not* to sign an e-mail message?

Mxsmanic wrote in
news:f51p02penrokmervke8r34suuhdbn0ffac@4ax.com:
>> No, in any western system of law, the person relying on the signature
>> (usually the recipient or beneficiary) must prove its validity (e.g.,
>> a bank relying on my signature on a cheque must validate it against
>> its sample signature). If it is contested and goes to court it is
>> the bank's burden (to use my example) to satisfy the court that the
>> signatures match.
>
> Which is trivially easy to do, if the bank did indeed look at the
> signatures--it is sufficient to show the two signatures in court.

No, it is highly unlikely that that would be sufficient for any serious
matter. In all likelihood there would be expert witnesses (including
specialists in handwriting, forensics, counterfeiting, ink, paper, and on
and on) from the bank and a number of other parties involved.

> Yes, you do. If the signature matches the model the bank used for
> validation, you have to find a way to prove that it's not your
> signature, even though it looks the same.

See above. It is inconceivable that the standard in any sensible court
regarding a handwriting aspect that rises above the trivial or incidental
would be your dismissive "looks the same."

>> With electronic signatures I have taken on additional burdens that do
>> not apply with traditional signatures. For instance, I now carry a
>> burden not to be negligent in my keeping the keys safe. And, if the
>> signature is disputed, it would fall on *me* to show that they had
>> somehow leaked or been compromised (e.g., I might have to show
>> Verisign has a corrupt employee). I have taken on (or rather had
>> imposed on me) additional responsibility and the need for a wider net
>> of trust - things I don't have to do the old-fashioned way.

> Still, it is trivially easy to forge a handwritten signature, whereas
> it is not feasible to forge a digital signature.

It is actually rather difficult to forge a handwritten signature so that
it will pass detailed forensic examination rather than a mere quick,
casual visual inspection. It is not by accident that signatures have
been relied on for many hundreds of years for matters great and small.

Moreover it can be easy to forge a digital signature. True, one method,
brute forcing the key, is currently computationally infeasible, but that
hardly exhausts the possibilities. There are any number of methods of
stealing the key, compromising the security (e.g., having the signer
foolishly sign a document presented to him), electronically switching
which document is presented and which is actually signed, and on and on.

Regards,

Re: When *not* to sign an e-mail message?

Mxsmanic wrote in
news:sc1p02t78q6ead4e166k0f5ut7fn83l417@4ax.com:

>> No reversal, just harder to lie.
>
> Exactly. And the consequences are more severe if one is careless.

I don't want to adopt a signing system that imposes a severe duty of care
regarding keys. As I pointed out before, that is equivalent to having to
guard a chequebook in which I have already signed every blank cheque.

If you were to propose to someone that he should manage his chequebook that
way he'd laugh in your face. It would be seen as not just imprudent but as
utterly reckless. And yet that is what you equivalently would impose on me
to support your digital signing system.

No, I'd much rather have a system where the only requirement was for a
single constructive act on my part - a handwritten signature - with no
onerous additional obligations before or after.

Regards,

Re: When *not* to sign an e-mail message?

nemo_outis writes:
> I don't want to adopt a signing system that imposes a severe duty of care
> regarding keys.

You prefer a signing system that makes forgery so easy that it's
essentially dependent on the honor system?

> No, I'd much rather have a system where the only requirement was for a
> single constructive act on my part - a handwritten signature - with no
> onerous additional obligations before or after.

And anyone can write that handwritten signature--you need not even be
present.

--
Transpose mxsmanic and gmail to reach me by e-mail.

Re: When *not* to sign an e-mail message?

nemo_outis writes:
> No, it is highly unlikely that that would be sufficient for any serious
> matter. In all likelihood there would be expert witnesses (including
> specialists in handwriting, forensics, counterfeiting, ink, paper, and on
> and on) from the bank and a number of other parties involved.

The reality is that it's easy to forge handwritten signatures, no
matter how much forensic effort you put into checking them. They are
fundamentally insecure.

> See above. It is inconceivable that the standard in any sensible court
> regarding a handwriting aspect that rises above the trivial or incidental
> would be your dismissive "looks the same."

That's the whole basis of handwritten signatures. If they look the
same, they pass.

> It is actually rather difficult to forge a handwritten signature so that
> it will pass detailed forensic examination rather than a mere quick,
> casual visual inspection.

Examples?

> It is not by accident that signatures have
> been relied on for many hundreds of years for matters great and small.

It has been relied upon because there has never been anything else.

> Moreover it can be easy to forge a digital signature. True, one method,
> brute forcing the key, is currently computationally infeasible, but that
> hardly exhausts the possibilities. There are any number of methods of
> stealing the key, compromising the security (e.g., having the signer
> foolishly sign a document presented to him), electronically switching
> which document is presented and which is actually signed, and on and on.

Re: When *not* to sign an e-mail message?

And many Asians continue to use the chop system rather than signatures.

But we were discussing handwritten versus digital signatures.

Regards,

Re: When *not* to sign an e-mail message?

Mxsmanic wrote in
news:lf1p025hgg50uap71blqfm7o2usv4fdsg2@4ax.com:
> nemo_outis writes:
>
>> Handwritten and digital signatures are not equivalent - the reference
>> to both as "signatures" is at best an analogy, at worst a deception.
>
> Legally, they are identical.

No, they are not legally identical. As just one blatant difference digital
signatures are not recognized as valid in many jurisdictions.

>> PPS A different signature on my cheques than my contracts? ...or
>> on my credit cards? ...or on my letters? ...or on my...? Gimme a
>> break! I do not have a quiver of signatures, nor do most people.
>> Why don't we talk about this universe rather than the parallel one
>> you might prefer?
>
> Why don't you refrain from personal attacks in your arguments? The ad
> hominem undermines your credibility.

What personal attack? I asked him to speak of the universe in which we
currently reside. You know, the universe in which virtually no one uses
multiple handwritten signatures. It is he with his nonsense who has
indicted himself as a fool - he needed no help from me.

But speaking more broadly, yes, I do infer that a man who says foolish
things is a fool. It's called proceeding on the evidence.

However, my initial judgment is graciously open to appeals from him
pleading he was hasty, thoughtless, or careless rather than a fool.

Regards,

Re: When *not* to sign an e-mail message?

nemo_outis wrote:
> "Non scrivetemi" wrote in
> news:97a0b7459f825709f6691dc3bb94ca7e@pboxmix.winstonsmith.info:
>
>> Hi,
>>
>> I'm wondering if there are any hypothetical situations where one would
>> NOT want to sign an email message they are sending to another party.
>> In my opinion, there are no valid reasons not to sign a message.
>>
>> Can anyone point out a situation to me where *not* signing would be
>> advantageous (excluding of course that the message may be smaller if
>> it's not signed)?
>>
>> TIA
>>
>
>
>
> The whole question of digital signing and non-repudiation is fatally
> flawed.
>
> Why? Because it reverses the burden of proof.
>
> With existing handwritten signatures the burden of verifying the signature
> falls on the recipient (e.g., banks re a cheque). With digital signatures
> the sender must prove he didn't send it (e.g., he might argue his key had
> been stolen).
>
> The traditional basis of signatures is that the burden lies on the fellow
> relying on them; digital signatures reverse 1000 years of legal and
> commercial practice. While arguments can be advanced why such a reversal
> might be desirable they have to overcome this "who proves" hurdle and
> cannot rely solely on their "gee-whiz" gimcrackery as sufficient
> justification.
>
> Regards,
>

The legal standing of digital signatures in different nations is
documented in Dr. Simone van der Hof's "Digital Signature Law Survey" at.

Re: When *not* to sign an e-mail message?

> The reality is that it's easy to forge handwritten signatures, no
> matter how much forensic effort you put into checking them. They are
> fundamentally insecure.

Well then, why don't you pen a series of letters ostensibly from George
Washington and sell them at immense profit?

>> It is not by accident that signatures have
>> been relied on for many hundreds of years for matters great and
>> small.
> It has been relied upon because there has never been anything else.

While every system has limitations and deficiencies, written signatures
have worked well for a very long time, across numerous cultures and legal
systems, for a very wide range of purposes from casual letters to multi-
billion dollar deals and international treaties. Moreover, the practices
and principles of a number of important institutions and social and
economic practices have been refined to work on an integrated basis with
such handwritten signatures.

Despite the enthusiasm of technophiles, it remains to be shown whether
digital signatures can attain anything like such widespread and longterm
utility.

>> Moreover it can be easy to forge a digital signature. True, one
>> method, brute forcing the key, is currently computationally
>> infeasible, but that hardly exhausts the possibilities. There are
>> any number of methods of stealing the key, compromising the security
>> (e.g., having the signer foolishly sign a document presented to him),
>> electronically switching which document is presented and which is
>> actually signed, and on and on.
>
> These are out-of-band compromises of the system.

I don't give a fig about the modality of compromise (except as the most
incidental of trivia). I care about whether and to what degree digital
signature systems are susceptible to any form of compromise, what
mitigative measures are necessary to prevent such compromise, on whom the
burdens (technical, legal, economic, or whatever) fall, and to what
extent such problems diminish the social utility of such signature
systems.

If digital signatures are susceptible to compromise it matters little to
me (or anyone else I suspect) whether their failures are attributable to
factoring large numbers or putting a keylogger on someone's computer.

Regards,

PS For instance, one mitigative measure to preserve ANY utility in
digital signatures, potentially a very onerous one, is the need to keep
the key secret - possibly for decades!

Re: When *not* to sign an e-mail message?

nemo_outis wrote:
> Andrew Swallow wrote in
> news:dui1oh$k8j$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
>
>
>>Thank you. Yes signing using rubber stamps is a little Victorian.
>>
>>Andrew Swallow
>
>
>
> And many Asians continue to use the chop system rather than signatures.
>
> But we were discussing handwritten versus digital signatures.

Governments and corporations use seals rather than signatures on
important documents and have done for centuries. The British kings even
had different seals for personal and state use. http://www.battle1066.com/g223.shtml

You continue to require digital signature to supply a level of security
millions of times higher than handwritten signatures. When we point
this out you discard this information and reply with insults. You then
cheat and choose the weakest form of signing on the grounds that it is
stronger.

Andrew Swallow

Re: When *not* to sign an e-mail message?

Mxsmanic wrote in
news:5t5p02tlc02atnjuimkf9q1qh8ni2ihovh@4ax.com:
> nemo_outis writes:
>
>> I don't want to adopt a signing system that imposes a severe duty of
>> care regarding keys.
>
> You prefer a signing system that makes forgery so easy that it's
> essentially dependent on the honor system?

No, it is not "essentially dependent on the honour system." In your
eagerness to make a point you have crossed over into transparent
intellectual dishonesty.

Five hundred years and more of social, legal and commercial practice says
handwritten signatures are adequate to the task. Actually, to many
tasks. Yes, there are deficiencies and weaknesses in the handwriting
system - as with any system - but it has been, on the whole,
satisfactory.

Now that doesn't mean one should close one's mind to alternatives.
Indeed, in time, we may decide that the digital alternatives are
superior. More likely we will find that they are superior for some uses
and inferior for others. However, digital signatures are in their
infancy - it would be not just premature but rash to say they should
supplant handwritten signatures.

>> No, I'd much rather have a system where the only requirement was for
>> a single constructive act on my part - a handwritten signature - with
>> no onerous additional obligations before or after.
>
> And anyone can write that handwritten signature--you need not even be
> present.

Once again, in your eagerness you have grossly misstated your case.

No, only *I* can write *my* signature. Others can only produce simulacra
which approximate it to a greater or lesser degree. You are confusing
and conflating the verification and validation of handwritten signatures
with their production.

But whatever deficiencies handwritten signatures may have, digital
signatures are even worse - they can be counterfeited *perfectly* rather
than approximately by someone who manages to get the key (which would be
a very significant risk for many in the real world).

Regards,

Re: When *not* to sign an e-mail message?

Andrew Swallow writes:
> You continue to require digital signature to supply a level of
> security millions of times higher than handwritten signatures. When
> we point this out you discard this information and reply with insults.
> You then cheat and choose the weakest form of signing on the grounds
> that it is stronger.

it turns out that the issue of digital signatures with integrity and
authentication is different than the issue of human signatures with
intent. one might be tempted to use an example of comparing the color
orange in oranges with the color red in apples (except they have
closer relationship being both colors and both involve fruit).

in any case, there was the whole attempt to try and establish the
non-repudiation flag in digital certificate standards ... which
eventually fell into much disrepute, in large part because the issue
of integrity and authentication (associated with digital signatures)
is unrelated to intent (associated with human signatures).

Re: When *not* to sign an e-mail message?

Andrew Swallow wrote:
>> But we were discussing handwritten versus digital signatures.
>
> Governments and corporations use seals rather than signatures on
> important documents and have done for centuries. The British kings even
> had different seals for personal and state use.

And the signature of Karl the Great (or Charlemagne, as the French call
him) was actually just a little line that he added to the official
seal...

Re: When *not* to sign an e-mail message?

"nemo_outis" wrote:
>> The reality is that it's easy to forge handwritten signatures, no
>> matter how much forensic effort you put into checking them. They are
>> fundamentally insecure.
>
> Well then, why don't you pen a series of letters ostensibly from
> George Washington and sell them at immense profit?

Because he can't get the right (old enough) paper? ;-)

Juergen Nieveler
--
Modesty is a vastly overrated virtue

Re: When *not* to sign an e-mail message?

> You continue to require digital signature to supply a level of security
> millions of times higher than handwritten signatures. When we point
> this out you discard this information and reply with insults. You then
> cheat and choose the weakest form of signing on the grounds that it is
> stronger.
>
> Andrew Swallow

There is no evidence that digital signatures provide security "millions of
times higher." You have focussed on one narrow aspect of their use: the
difficulty of computationally breaking the key. However, the breaking of
the key is only one potential failure mode for a digital signature system.

Signature systems must operate in a far broader legal, social and economic
milieu than that with respect to all their functions, including security.
It is the end-to-end security, and social utility generally, which must be
considered, rather than merely one aspect of calculating the key.

And, as I have pointed out, the digital signature system can impose a
number of burdens on users, such as the requirement to keep keys secret for
a very long time, or to extend trust to third parties (e.g., Verisign). It
is an open question whether many people can successfully bear such burdens,
for if they are not sustainable generally in ordinary human intercourse
then the application of digital signatures will be reduced to a narrow
niche.

Regards,

Re: When *not* to sign an e-mail message?

Andrew Swallow wrote in
news:dui7ql$6se$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
> nemo_outis wrote:
>
>> Andrew Swallow wrote in
>> news:dui1oh$k8j$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
>>
>>
>>>Thank you. Yes signing using rubber stamps is a little Victorian.
>>>
>>>Andrew Swallow
>>
>>
>>
>> And many Asians continue to use the chop system rather than signatures.
>>
>> But we were discussing handwritten versus digital signatures.
>
> Governments and corporations use seals rather than signatures on
> important documents and have done for centuries. The British kings even
> had different seals for personal and state use.
> http://www.battle1066.com/g223.shtml
>
> You continue to require digital signature to supply a level of security
> millions of times higher than handwritten signatures. When we point
> this out you discard this information and reply with insults. You then
> cheat and choose the weakest form of signing on the grounds that it is
> stronger.
>
> Andrew Swallow

There is no evidence that digital signatures provide security "millions
of times higher." You have focussed on one narrow aspect of their use:
the difficulty of computationally breaking the key. However, the
breaking of the key is only one potential failure mode for a digital
signature system.

Signature systems must operate in a very broad legal, social and economic
milieu with respect to all their functions, including security. It is
the *end-to-end security,* and the social utility generally, which must
be considered, rather than merely the one aspect of calculating the key.

And, as I have pointed out, the digital signature system can impose a
number of burdens on users, such as the requirement to keep keys secret
for a very long time, or to extend trust to third parties (e.g.,
Verisign). It is an open question whether many people can do this
successfully, for if these additional requirements are not sustainable
generally in ordinary human intercourse, then the utility of digital
signatures will be largely vitiated and their application reduced to a
narrow niche.

In short, while digital signatures are strong in one aspect, they are
tediously and burdensomely deficient in other aspects. Moreover, they
differ from handwritten signatures in yet other ways which invites
confusion, abuse and exploitation of the public which is not aware of
such lurking dangers.

Regards,

PS That encrypted email has never achieved even modest acceptance is
strongly suggestive of how unenthusiastic the general public is likely to
remain regarding digital signatures.

Re: When *not* to sign an e-mail message?

Juergen Nieveler wrote in
news:Xns977EE5F047759juergennieveler@nieveler.org:
> "nemo_outis" wrote:
>
>>> The reality is that it's easy to forge handwritten signatures, no
>>> matter how much forensic effort you put into checking them. They are
>>> fundamentally insecure.
>>
>> Well then, why don't you pen a series of letters ostensibly from
>> George Washington and sell them at immense profit?
>
> Because he can't get the right (old enough) paper? ;-)
>
> Juergen Nieveler

Absolutely correct. Real handwritten signatures do not "hang in the air"
but exist in a physical context. That physical context (the ink used, the
paper, writing pressure and speed, the other printing or writing on the
page, etc.) can play a role in verification of a handwritten signature and
distinguishing it from a counterfeit.

Regards,

Re: When *not* to sign an e-mail message?

nemo_outis writes:
> No, they are not legally identical. As just one blatant difference digital
> signatures are not recognized as valid in many jurisdictions.

That's a local determination, not a global principle.

--
Transpose mxsmanic and gmail to reach me by e-mail.

Re: When *not* to sign an e-mail message?

Mxsmanic wrote in
news:fpor02dgfrj2n40pkkdl2elltmnh63n4vt@4ax.com:
> nemo_outis writes:
>
>> No, they are not legally identical. As just one blatant difference
>> digital signatures are not recognized as valid in many jurisdictions.
>
> That's a local determination, not a global principle.

I have no idea what your quibbling and weaseling is intended to convey.
And neither, I suspect, do you.

You stated that digital and handwritten signatures were legally identical.

You made a statement of [alleged] fact, an absolute and unqualified
statement. And that statement is patently false!